NIST eyes removing flawed Dual_EC_DRBG algorithm from guidelines

NIST is looking to remove the flawed Dual_EC_DRBG algorithm from its guidelines.

The National Institute of Standards and Technology (NIST) is seeking to update its guidelines by removing a flawed, community-developed algorithm believed to contain a backdoor.

NIST announced on Monday that it had revised its document, “Recommendation for Random Number Generation Using Deterministic Random Bit Generators,” to exclude the questionable Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG) algorithm.

“NIST is removing the algorithm based on our own evaluation and the lack of public confidence in the algorithm,” Jennifer Huergo, a NIST spokesperson, told SCMagazine.com in a Tuesday email correspondence.

Huergo linked to a revision summary, posted on Monday, which explains how Dual_EC_DRBG is perceived by the public to contain a backdoor. This backdoor could result in attackers predicting secret cryptographic keys, according to the summary.

The revised document, known as SP 800-90A, has only just been opened for public comments, so there has not yet been much of a community response, Huergo said. Commenters have until May 23 to voice their opinions on the update, according to a Monday NIST release.

NIST is urging all users not to wait for further revisions and to quickly begin shifting to one of the other algorithms still supported in the revised document, which include the Hash_DRBG, HMAC_DRBG, and CTR_DRBG algorithms.

In September 2013, NIST advised against using Dual_EC_DRBG due to a possible backdoor. Shortly after, RSA, which used the algorithm in all its BSAFE Toolkits, recommended shifting to one of the other algorithms built into the BSAFE Toolkit.

In December 2013, reports suggested that RSA entered into a $10 million secret agreement with the National Security Agency (NSA) to continue using the flawed algorithm in its products, but RSA quickly denied the allegations.
